Malware - Infoworld http://podcasts.infoworld.com/t/2111 en

Reconnaissance code on industrial software site points to watering hole attack
http://podcasts.infoworld.com/d/security/reconnaissance-code-industrial-software-site-points-watering-hole-attack-249563?source=rss_malware
Attackers have rigged the website of an industrial software firm with a sophisticated reconnaissance tool, possibly in preparation for attacks against companies from several industries.
Security Malware
Tue, 02 Sep 2014 12:00:01 +0000 admin 249563 at http://podcasts.infoworld.com

CryptoWall held over half a million computers hostage, encrypted 5 billion files
http://podcasts.infoworld.com/d/security/cryptowall-held-over-half-million-computers-hostage-encrypted-5-billion-files-249460?source=rss_malware
A file-encrypting ransomware program called CryptoWall infected over 600,000 computer systems in the past six months and held 5 billion files hostage, garnering more than $1 million for its creators, researchers found.
The Counter Threat Unit (CTU) at Dell SecureWorks performed an extensive analysis of CryptoWall that involved gathering data from its command-and-control (C&C) servers, tracking its variants and distribution methods and counting payments made by victims so far.
Security Data Loss Prevention Encryption Malware
Fri, 29 Aug 2014 13:13:44 +0000 admin 249460 at http://podcasts.infoworld.com

U.S. warns 'significant number' of major businesses hit by Backoff malware
http://podcasts.infoworld.com/d/security/us-warns-significant-number-of-major-businesses-hit-backoff-malware-249047?source=rss_malware
Over a thousand major enterprise networks and small and medium businesses in the U.S. have been compromised by a recently discovered malware package called "Backoff" and are probably unaware of it, the U.S. Department of Homeland Security (DHS) said in a cybersecurity alert on Friday.
Security Malware
Fri, 22 Aug 2014 22:33:10 +0000 admin 249047 at http://podcasts.infoworld.com

So long, iOS -- jailbreakers have found their home: Android
http://podcasts.infoworld.com/d/mobile-technology/so-long-ios-jailbreakers-have-found-their-home-android-248852?source=rss_malware
This week, another virus was reported infecting jailbroken iPhones. Honestly, if you jailbreak your iPhone or iPad, you deserve what you get as a result.
Mobile Technology Security iOS iPad iPhone Jailbreak Apps Endpoint Protection Malware
Fri, 22 Aug 2014 10:00:00 +0000 Galen M. Gruman 248852 at http://podcasts.infoworld.com

The UPS Store says malware found on systems of 51 stores
http://podcasts.infoworld.com/d/security/the-ups-store-says-malware-found-systems-of-51-stores-248877?source=rss_malware
The UPS Store said Wednesday that malicious software was found on the systems of 51 of its franchises in 24 U.S. states, although no fraud has been detected yet.
The subsidiary of United Parcel Service, which has 4,470 U.S. stores, said in a notice (http://www.theupsstore.com/about/media-room/Pages/The-ups-store-notifies-customers.aspx) that customer names, postal, and email addresses and payment card information may have been exposed.
Security Data Security Malware
Thu, 21 Aug 2014 11:38:21 +0000 admin 248877 at http://podcasts.infoworld.com

Google broadens its malware sleuthing to sniff out deceptive downloads
http://podcasts.infoworld.com/d/security/google-broadens-its-malware-sleuthing-sniff-out-deceptive-downloads-248432?source=rss_malware
Google is expanding its safe browsing technology to notify Web users of downloads that appear benign, but actually make unwanted changes to their computers.
Security Data Loss Prevention Malware Search Engines Security
Thu, 14 Aug 2014 19:42:14 +0000 admin 248432 at http://podcasts.infoworld.com

New Gameover Zeus botnet growing in the U.S.
http://podcasts.infoworld.com/d/security/new-gameover-zeus-botnet-growing-in-the-us-248400?source=rss_malware
Cyber criminals are in the process of rebuilding the GOZ (Gameover Zeus) botnet, which law enforcement authorities took over in June, and recent research suggests that they've had some success, especially in the U.S.
The original GOZ botnet was built using a modified version of the infamous Zeus trojan program and was designed to steal online banking and other credentials from infected computers. The GOZ malware authors created a command-and-control infrastructure with a peer-to-peer architecture, making their botnet more resilient to takeover attempts.
Security Cyber Crime Malware Security Tools
Thu, 14 Aug 2014 17:32:17 +0000 admin 248400 at http://podcasts.infoworld.com

The biggest iPhone security risk could be connecting one to a computer
http://podcasts.infoworld.com/d/mobile-technology/the-biggest-iphone-security-risk-could-be-connecting-one-computer-248366?source=rss_malware
Apple has done well to insulate its iOS mobile operating system from many security issues, but a forthcoming demonstration shows it's far from perfect.
Next Wednesday (https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/wang_tielei) at the Usenix Security Symposium in San Diego, researchers with the Georgia Institute of Technology will show how iOS's Achilles' heel is exposed when devices are connected over USB to a computer or have Wi-Fi synching enabled.
Mobile Technology Security iOS iPhone Mobile Security Malware
Thu, 14 Aug 2014 10:48:55 +0000 admin 248366 at http://podcasts.infoworld.com

How hackers used Google to steal corporate data
http://podcasts.infoworld.com/d/security/how-hackers-used-google-steal-corporate-data-247941?source=rss_malware
A group of innovative hackers used free services from Google and an Internet infrastructure company to disguise data stolen from corporate and government computers, a security firm reported.
FireEye discovered the campaign, dubbed Poisoned Hurricane, in March while analyzing traffic originating from systems infected with a remote access tool (RAT) the firm called Kaba, a variant of the better known PlugX.
Application Development Data Center Networking Security Google Internet Application Development Data Loss Prevention Hacking Malware Data Center
Thu, 14 Aug 2014 10:00:00 +0000 admin 247941 at http://podcasts.infoworld.com

Malware no longer avoiding virtual machines
http://podcasts.infoworld.com/d/security/malware-no-longer-avoiding-virtual-machines-248241?source=rss_malware
Many malicious software programs used to make a quick exit on virtual machines, a tactic designed to avoid a security check. But that isn't the case anymore, according to Symantec research.
As companies increasingly use VMs in operational environments, malware writers are largely trying other methods to avoid detection. It means that simply running VMs won't be enough to scare away malware.
Security Malware
Wed, 13 Aug 2014 12:18:52 +0000 admin 248241 at http://podcasts.infoworld.com

Most USB thumb drives can be reprogrammed to infect computers
http://podcasts.infoworld.com/d/security/most-usb-thumb-drives-can-be-reprogrammed-infect-computers-247489?source=rss_malware
Most USB devices have a fundamental security weakness that can be exploited to infect computers with malware in a way that cannot easily be prevented or detected, security researchers found.
The problem is that the majority of USB thumb drives, and likely other USB peripherals available on the market, do not protect their firmware -- the software that runs on the microcontroller inside them, said Karsten Nohl, the founder and chief scientist of Berlin-based Security Research Labs.
Security Endpoint Protection Malware Vulnerability Assessment
Fri, 01 Aug 2014 11:44:38 +0000 admin 247489 at http://podcasts.infoworld.com

Android vulnerability allows malware to compromise most devices and apps
http://podcasts.infoworld.com/d/mobile-technology/android-vulnerability-allows-malware-compromise-most-devices-and-apps-247208?source=rss_malware
The majority of Android devices currently in use contain a vulnerability that allows malware to completely hijack installed apps and their data or even the entire device.
The core problem is that Android fails to validate public key infrastructure certificate chains for app digital signatures, said Jeff Forristal, chief technology officer of Bluebox Security, a San Francisco company whose researchers discovered the issue.
Mobile Technology Security Android Encryption Mobile Security Malware
Tue, 29 Jul 2014 15:04:21 +0000 admin 247208 at http://podcasts.infoworld.com

Cyber criminals ride Google coattails in DDoS attacks
http://podcasts.infoworld.com/d/security/cyber-criminals-ride-google-coattails-in-ddos-attacks-247075?source=rss_malware
The easy access Google's Web crawlers have to sites is increasingly being exploited by cyber criminals in launching distributed denial-of-service attacks, a security vendor says.
Fake Web crawlers accounted for 4 percent of the total number of legitimate ones, called Googlebots, analyzed by (http://www.incapsula.com/blog/googlebot-study-mr-hack.html) Incapsula.
Security Google Cyber Crime Malware
Mon, 28 Jul 2014 12:09:51 +0000 admin 247075 at http://podcasts.infoworld.com

11 signs you've been hacked -- and how to fight back
http://podcasts.infoworld.com/d/security/11-signs-youve-been-hacked-and-how-fight-back-246530?source=rss_malware
In today's threatscape, antivirus software provides little peace of mind, and antimalware scanners on the whole are horrifically inaccurate, especially with exploits less than 24 hours old. Despite modern heuristics, virtualized environments, system monitoring, and network traffic detection, hackers still reach us on a regular basis.
Security Anti-virus Endpoint Protection Hacking Malware Network Security IDG Insider
Fri, 25 Jul 2014 10:00:00 +0000 uphan 246530 at http://podcasts.infoworld.com

Thousands of sites compromised through WordPress plug-in vulnerability
http://podcasts.infoworld.com/d/security/thousands-of-sites-compromised-through-wordpress-plug-in-vulnerability-246960?source=rss_malware
A critical vulnerability found recently in a popular newsletter plug-in for WordPress is actively being targeted by hackers and was used to compromise an estimated 50,000 sites so far.
Security Malware Security Tools Vulnerability Assessment
Thu, 24 Jul 2014 18:22:27 +0000 admin 246960 at http://podcasts.infoworld.com

Prove it! Another security vendor claims 100 percent malware detection
http://podcasts.infoworld.com/d/security/prove-it-another-security-vendor-claims-100-percent-malware-detection-246704?source=rss_malware
Security Anti-virus Malware Network Security Security
Tue, 22 Jul 2014 10:00:00 +0000 Roger A. Grimes 246704 at http://podcasts.infoworld.com

Stealthy 'Critroni' ransomware uses Tor, could replace Cryptolocker
http://podcasts.infoworld.com/d/security/stealthy-critroni-ransomware-uses-tor-could-replace-cryptolocker-246652?source=rss_malware
Cyber criminals are spreading a new file-encrypting ransomware program that's more powerful and resilient than Cryptolocker, a threat recently shut down by the U.S. Department of Justice.
The new ransomware threat is called CTB-Locker (Curve-Tor-Bitcoin Locker), but Microsoft anti-malware products detect it as Critroni.A. Its creator has been advertising the program to other cybercriminals on Russian-language forums since the middle of June and it seems that he's been trying to fix most of Cryptolocker's faults.
Security Cyber Crime Encryption Malware
Mon, 21 Jul 2014 16:19:52 +0000 admin 246652 at http://podcasts.infoworld.com

Source code for tiny 'Tinba' banking malware leaked
http://podcasts.infoworld.com/d/security/source-code-tiny-tinba-banking-malware-leaked-246016?source=rss_malware
The source code for an impressively small but capable malware program that targets online bank accounts has been leaked, according to CSIS Security Group of Denmark.
The program, known as "Tinba" or "Zusy," was discovered around mid-2012 and infected tens of thousands of computers in Turkey. It is notable for having a very small code base -- just 20K -- but capabilities similar to malware much larger in size.
Security Malware
Fri, 11 Jul 2014 11:54:28 +0000 admin 246016 at http://podcasts.infoworld.com

Botnet uses brute force to access PoS systems
http://podcasts.infoworld.com/d/security/botnet-uses-brute-force-access-pos-systems-245870?source=rss_malware
Thousands of compromised computers are actively trying to break into point-of-sale (PoS) systems using brute-force techniques to guess remote administration credentials.
The computers are part of a botnet, dubbed BrutPOS by researchers from security firm FireEye, that has been active since at least February. The botnet scans attacker-specified IP address ranges for systems that accept Remote Desktop Protocol (port 3389) connections.
Security Authentication Cyber Crime Intrusion Detection Malware
Thu, 10 Jul 2014 12:09:01 +0000 admin 245870 at http://podcasts.infoworld.com

Facebook announces arrests have been made for the 'Lecpetex' botnet
http://podcasts.infoworld.com/d/security/facebook-announces-arrests-have-been-made-the-lecpetex-botnet-245834?source=rss_malware
Facebook said police in Greece made two arrests last week in connection with a little-known spamming botnet called "Lecpetex," which used hacked computers to mine the Litecoin virtual currency.
As many as 50,000 Facebook accounts were affected, and as many as 250,000 computers worldwide, primarily in Greece, Poland, Norway, India, Portugal, and the United States, according to a blog post (https://www.facebook.com/notes/protect-the-graph/taking-down-the-lecpetex-botnet/1477464749160338) on Tuesday from Facebook's Threat Infrastructure team.
Security Malware Social Networking
Wed, 09 Jul 2014 12:12:16 +0000 admin 245834 at http://podcasts.infoworld.com